[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#830777: nfs-common: rpc.idmapd does not start under systemd on a pure client system

Hello Ben Harris.

Thanks for your bug report. Unlike all the other RC bugs for nfs-utils
this one was introduced by my NMU so I feel atleast partially
responsible. I'm not a nfs user myself though so beware that my
interest is limited.

On Mon, Jul 11, 2016 at 12:22:15PM +0100, Ben Harris wrote:
> Package: nfs-common
> Version: 1:1.2.8-9.1
> Severity: normal
> 
> Dear Maintainer,
> 
> I have a system that acts as an NFSv4 client.
> It does not have nfs-kernel-server installed. 

(Thanks very useful information.)

> After a recent reboot, I found that none of the files in my
> NFS-mounted home directory was owned by me any more:
> 
> bjh21@wraith:~/config/platforms-ansible$ ls -l ~/.ssh
> total 609
> -rw-r--r-- 1 4294967294 4294967294    616 Aug 14  2015 authorized_keys
> ...
> 
> I found that rpc.idmapd was not running, and could not be started:
[...]
> When I copied /lib/systemd/system/nfs-idmapd.service to /etc/systemd/system
> and commented out the line "BindsTo=nfs-server.service", things got better
> and "service nfs-idmapd start" worked. 

The BindsTo= statement is documented at
https://www.freedesktop.org/software/systemd/man/systemd.unit.html#BindsTo=
As you can see its said to be a variant of Requires= which means the
service in question won't start unless the referenced one also does.
Since you don't have nfs-kernel-server package installed, which is the
package shipping the nfs-server.service, you will not be able to start
nfs-idmapd.service in it's current state. No surprise here I guess
as you already figured that out.

The relevant upstream commit introducing the BindsTo= is
http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=b5cea96efb1512340a536e25650c5b548ddddfc6
with commit message
"Since rpc.idmapd is only used by the nfs server,
to do its id mapping, bind the rpc-idmapd service
to the nfs-server service so rpc.idmapd will
started and stopped with the server.Since rpc.idmapd is only used by the
nfs server,
to do its id mapping, bind the rpc-idmapd service
to the nfs-server service so rpc.idmapd will
started and stopped with the server."

So upstream seems to think rpc.idmapd is not useful without
nfs-kernel-server while you do. Any chance you could take this
issue upstream and discuss it there directly?

> After a few seconds, my home directory had the correct owner:
> 
> bjh21@wraith:~/config/platforms-ansible$ ls -l ~/.ssh
> total 609
> -rw-r--r-- 1 bjh21 bjh21    616 Aug 14  2015 authorized_keys
> 
> I think that nfs-common should arrange that rpc.idmapd is started even on
> systems without nfs-kernel-server installed, or at least that there is a
> note in NEWS.Debian telling users how to turn it back on.

The unit files shipped comes basically verbatim from upstream. If
they're not correct we should be good citizens and help fix them
upstream rather than suggesting workarounds in my humble opinions.
Please discuss the issue upstream. If you describe your usecase
upstream might find a suitable solution for us.

Please see http://linux-nfs.org

Regards,
Andreas Henriksson
Reply to: